Bad news for Dropbox fans. The company confirmed today that its cloud storage service has been compromised over the last two weeks, with attackers gaining access to some accounts via third-party websites. This, in turn, has led to increased spam for some users due to a project document containing user email addresses found on a Dropbox employee’s compromised account.

Dropbox is responding to this issue by “[putting] additional controls in place to help make sure it doesn’t happen again.” This includes an optional form of two-factor authentication (coming soon) which requires you to enter a unique code sent to your smartphone before you can log in. Other security improvements include “new automated mechanisms to help identify suspicious activity” and “a new page that lets you examine all active logins to your account.”

Dropbox is reaching out to the “small number of Dropbox accounts” which appear to have been affected, but it’s always wise to change your password in this situation just to be safe. Are you worried about the safety of your Dropbox account?